Jira Data Center Java API Inconsistency

This will probably be yet another thread of mine about Data Center’s Java API with no replies, but whatever.

In Permission Scheme, I setup something like this:

Note in granted to “Group”, I can have one granted to “Anyone on the web”.

In the database (SELECT * FROM SCHEMEPERMISSIONS;), that shows up as:
So, a type of “group” with null parameter.

In my plugin’s Java code, I can obtain a full list of permission schemes like this:

ServiceOutcome<? extends List<PermissionScheme>> outcome = SERVICE.getPermissionSchemes(getAdminUser());
if (outcome.isValid()) {
	for (PermissionScheme scheme : outcome.getReturnedValue()) {

Diving into scheme.getPermissions(), I can see the group items are:

Permission Holder Key: group, Parameter: null
Permission Holder Key: group, Parameter: jira-servicedesk-users

Which matches with what’s seen in database and on UI. Good so far.

Now try to create the same with PermissionSchemeService:

PermissionHolder holder = (param == null)? 
					PermissionHolder.holder(type) : 
					PermissionHolder.holder(type, param) ;
ProjectPermissionKey key = new ProjectPermissionKey(e.getPermissionKey());
PermissionGrantInput item = PermissionGrantInput.newGrant(holder, key);

And PermissionHolder.holder() reports error when using type “group” and null parameter.

The error stacktrace is:

java.lang.IllegalArgumentException(Parameter should be set if and only if type requires it. Type was: GROUP, parameter was: null):

So the API is giving me “group” with null parameter.
But I cannot create the same thing because it wants non-null parameter with “group”.

Before this, I was using PermissionSchemeManager to create Scheme and SchemeEntity. But I couldn’t figure out how to properly update a Scheme with PermissionSchemeManager (unable to delete exising SchemeEntity). Plus I need to muck around with GenericValue and deprecated APIs.

So my question is how to create PermissionScheme using PermissionSchemeService, creating “group” permissions that has no parameter?

The UI page calls the internal REST /jira/rest/internal/2/managedpermissionscheme/{schemeID}.

The source code is in ManagedPermissionSchemeHelperImpl. Which is NOT calling PermissionSchemeService. It uses PermissionSchemeManager.

So whatever PermissionSchemeService is for, it cannot do everything the UI/PermissionSchemeManager can.